Frequently asked questions.

There is nothing we can do. Really. Your TOTPs are encrypted using a key derived from your master password with the Argon2 algorithm. We will not be able to recover your data if you forget your master password. For this reason, we strongly recommend making regular backups.

The app automatically asks you to make a backup before every sensitive operation, but you can also create one manually in the app settings.

If you have not enabled data synchronization, everything is stored locally in a SQLite database managed with Drift. Even in that case, everything is encrypted.

If you have enabled data synchronization, everything is stored in plain form on our backend, whose source code is available here.

As you may know, servers are not free. In our case, the more users we have, the higher the costs. So, here are the options available to us.

1. We put ads in our app.
2. We rely exclusively on donations.
3. We ask our users to contribute to operating costs.

Option 2 is not realistic at all. Option 1 could be a solution, but ads usually lead to a poor user experience and involve trackers. Therefore, the choice we made to cover the costs is to create a subscription model called the Contributor Subscription. Currently, you can store and sync up to six TOTPs for free, across all your devices. By subscribing to the Contributor Subscription, you will be able to sync as many TOTPs as you want.

In the future, we hope to lift these limitations, or even remove them entirely! In any case, you can use the app locally with no limitations and no ads.

Yes, you should. If your password manager were compromised, then both your passwords and your TOTPs would be exposed at the same time. Therefore, the second authentication factor would no longer serve its purpose.

Don't put all your eggs in one basket!

If that's your case, it probably means that Open Authenticator was installed via Flatpak.

Local authentication on Linux relies on a Polkit policy file that must be present on your host system in /usr/share/polkit-1/actions.

If it is not present, you can install it by copying this file into /usr/share/polkit-1/actions. Then restart Open Authenticator (or your session).

Yes. Since version v2.0.0 of the app, you can host the backend on your own server. Instructions are available on the backend GitHub page (in English).